Many e-commerce platforms and mobile apps are set to do away with the second-factor authentication of one-time passwords (OTPs) for regular customers on payments up to Rs 2,000, making online transactions quicker and smoother.
Flipkart has already done so, and others like Swiggy and ride-sharing apps are about to follow.
A key driver for this has been the phased relaxation of rules by RBI—most recently last Friday—on one-time passwords. The central bank had allowed banks to facilitate transactions without OTP for online transactions so long as the merchant can verify the customer.
Puneet Jain, senior vicepresident in charge of Paytm’s payment gateway, said his company is empowering merchants to accept credit card payments without OTP, subject to a one-time consent.
Another recent innovation is the enabling of recurring payments. We are now letting customers authorize such payments through the unified payment interface (UPI) in addition to cards and wallets,” he said.
Paytm’s payment gateway, which is a part of One97, claims to have 40% market share in volume of transactions. It is the largest gateway on e-commerce platforms such as IRCTC and food delivery and lifestyle apps.
Visa has facilitated checkout without OTP by developing ‘Visa Safe Click’ which uses other factors like device authentication to make the process more seamless, according to T R Ramachandran, India head of the payments company. “While it may not require OTP it uses other forms of second-factor authentication and eliminates points of friction, such as cart abandonment, connectivity and incorrect passwords, and transforms the payment experience into a faster, secure and seamless one,” he said.
According to Jain, recurring payments which were few in India are suddenly on the rise. One of the drivers has been streaming services like Netflix. “Another use case that is building up is for pre-authorised payments. This facility enables customers to book a service like a bike rental where the amount is debited after the usage,” said Jain. Earlier it was the startup which took the risks as there was little it could do if the card was declined after the service. With pre-authorisation, they do not face any such risk.
Unlike in India, many overseas e-comm platforms and apps do not require second-factor authentication. Uber started its ride-hailing business in India using its international payment gateway to facilitate transactions without OTP—only to be blocked by RBI, which said second-factor authentication was mandatory for payment for services and goods. This gave wallets like Paytm a boost. Now while requirement of OTP has been withdrawn, RBI has put the onus on banks and merchants to verify the user.